package com.wwj.web.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
@RequestMapping("/login")
public class UserLogin {

    @RequestMapping("/toLogin")
    public String toLogin() {
        return "login/login";
    }

    @RequestMapping("/login")
    public String login(String username, String password) {
        Subject subject = SecurityUtils.getSubject();
        System.out.println("------------->>>>用户名和密码：" + username + ":" + password);

        try {
            AuthenticationToken token = new UsernamePasswordToken(username, password);
            subject.login(token);
        } catch (UnknownAccountException e) {
            System.out.println("未知的账号！！！------------->>>>>>>");
        } catch (IncorrectCredentialsException e) {
            System.out.println("密码错误！！！------------->>>>>>>");
        } catch (AuthenticationException e) {
            e.printStackTrace();
            System.out.println("密码或用户名错误！！！------------->>>>>>>");
        }
        boolean admain = subject.hasRole("user");
        boolean permitted = subject.isPermitted("user:query");
        System.out.println("判断是否拥有某一个角色-----------------"+admain);
        System.out.println("判断是否拥有某一个权限-----------------"+permitted);
        
        return "login/loginSuccess";
    }
}
